Firewall and HIPS
TVH
February 21st, 2008, 02:37 PM
What would be a better option:
Using Online Armor free with HIPS enabled or using Look n Stop firewall and EqSecure HIPS?
Am I right in thinking that EqSecure is a much more powerful HIPS than OA free?
Old Monk
February 21st, 2008, 03:19 PM
-{ Quote: "What would be a better option:
Using Online Armor free with HIPS enabled or using Look n Stop firewall and EqSecure HIPS?
Am I right in thinking that EqSecure is a much more powerful HIPS than OA free?" }-
Hi, LooknStop is a darn good firewall and I used it for several years. Doesn't seem to pass all the leaktests, but the worth of that is a moot point anyway, by all accounts.
OA is also a darn good firewall plus in standard mode a very user friendly HIPS.
I can't comment on EqSecure but there are some very, very good stand alone HIPS out there.
Depends how much user interaction you can stomach or understand.
OA is a fine 'out of the box' security application with the notion of being 'mom-friendly' at heart.
IMHO it would serve you well.
Hope that helps :)
Dieselman
February 21st, 2008, 03:54 PM
Online Armor is very powerful and I got it to pass the GRC leaktest, the PC Flank test and the System Shutdown Simulator. It is very easy to use and I would recommend it over the others you stated.
TVH
February 21st, 2008, 04:53 PM
But it seems EqSecure is more feature rich than OA Free. Can anyone with experience of EqSecure post their views on it?
subset
February 21st, 2008, 06:09 PM
Hi,
I have two rigs.
One with KAV 7 and Online Armor, the other with KIS 7 and EQSecure. ;D
I can't decide for myself which is "better", nor for you.
EQS offers much space for rules and varying settings.
If you want it only as an anti-exe, no problem, disable everything else.
If you want to observe the rearmost part of the registry or files which are vital only for you, it's very easy to implement rules for that.
OA is great out of the box, with its easy to use HIPS and firewall.
In my opinion the version 2.1.0.85 firewall is the fastest in OA history, I tested it with Steam games, UT3, µTorrent and eMule.
OA HIPS is probably as "safe" as EQS, but not yet full featured in the free edition.
Possibly the choice will be: more configurable or easier to use.
Cheers
pitzelberger
February 21st, 2008, 06:14 PM
Also Look n Stop is not free.
But I am not sure what actually happens after the 30-day trial period expires?
LoneWolf
February 21st, 2008, 06:17 PM
-{ Quote: "Also Look n Stop is not free.
But I am not sure what actually happens after the 30-day trial period expires?" }-
I know application control is no more after the 30 days.
Not sure what else.
Omnitech
February 21st, 2008, 06:49 PM
Once I tried OA free with EQSecure, they had a severe conflict!
Then, I tried OA (free) with System Safety Monitor (free); no conflict at all.
However, I kept only OA (free) = Firewall + HIPS instead of SSM (free) = HIPS.
SSM (free) used to warn me about everything; even the innocent/safe programs.
This was exhausting, as it required a lot of rule-based settings.
On the other hand, OA (free) offers a top-notch Firewall equipped with a very powerful HIPS that warns me about the things that really/only need my attention-decision.
aigle
February 22nd, 2008, 12:10 AM
EQSecure has complex parent-child control plus File protection that is lacking in OA.
But configuring EQS can be a pain. OA has a run safer option that is lacking in EQS.
Easy set up: OA
Complex but more powerful setup: EQS
EASTER
February 22nd, 2008, 01:08 AM
-{ Quote: "Easy set up: OA
Complex but more powerful setup: EQS" }-
Exactly as noted: OA is out-of-box simple enough but EQS so far as HIPS is far more flexible and configurable in spite of the effort needed to fine tune it to reach a formidable deflector shield protection that covers a very wide range of items from file protections/scripts to registry etc.
If you're in a hurry OA will do as your HIPS in its free version, but if you want iron wall protection and more far reaching protection it stands to reason a PURE hips-only development maker will dish out plenty of other additional areas of interests.
And since there are some really nice reliable sandbox & virtuals circulating these days, OA might be all one needs in a HIPS.
EASTER
TVH
February 22nd, 2008, 12:23 PM
Based on your comments I'm strongly considering the look n stop/Eqsecure combination. One final question: Is there a better free HIPS than EqSecure? I've looked at Prosecurity free and SSM free and they both have some functions disabled.
Omnitech
February 22nd, 2008, 12:48 PM
You may want to take a look at
http://wiki.castlecops.com/Host_Intrusion_Protection_System_-_Comparison
Clicking on each HIPS product (Top Row of the Comparison Table)
will open a separate page with further info on it.
TVH
February 22nd, 2008, 02:35 PM
Okay, my setup is now complete at last. I believe it is pretty much bulletproof :) Thanks guys - I opted for the LnS + EqSecure option.
Does anyone know when the new EqSecure build is going to be released?
aigle
February 22nd, 2008, 03:35 PM
-{ Quote: "Based on your comments I'm strongly considering the look n stop/Eqsecure combination. One final question: Is there a better free HIPS than EqSecure? I've looked at Prosecurity free and SSM free and they both have some functions disabled." }-
EQS is the best free HIPS followed by CFP Defence Plus.
TVH
February 22nd, 2008, 06:32 PM
-{ Quote: "EQS is the best free HIPS followed by CFP Defence Plus." }-
Lol I realised that finally. But does anyone know when a new build will come out?
Antarctica
February 22nd, 2008, 07:50 PM
-{ Quote: "Lol I realised that finally. But does anyone know when a new build will come out?" }-
I guess nobody knows right now unless you speak Chinese. ;)
http://www.eqsecure.com/bbs/index.php
EASTER
February 23rd, 2008, 06:57 AM
As an aside, I'm testing the combination of these together ATM. OA (free) + EQS + SandboxIE on SP2.
Omnitech
February 23rd, 2008, 09:05 AM
-{ Quote: "EQS is the best free HIPS followed by CFP Defence Plus." }-
I thought that OA has been the best free HIPS:
http://www.wilderssecurity.com/poll.php?do=showresults&pollid=436
:)
Dear aigle,
-Why do you use CFP v.3 and ThreatFire?
-Can't CFP v.3 offer enough protection by itself?
If you use sandboxing (Sandboxie, GesWall etc.),
I thought that CFP v.3 and OA are enough by themselves.
Am I missing something? :doubt:
Omnitech
February 23rd, 2008, 09:19 AM
-{ Quote: "As an aside, I'm testing the combination of these together ATM. OA (free) + EQS + SandboxIE on SP2." }-
I used this combination about two months ago.
OA (free) v.2.1.0.31 and Sandboxie 3.22 with EQS 3.41.
OA (free) v.2.1.0.31 and EQS 3.41 had a conflict!
The same happened with OA (free) v.2.1.0.31 and ThreatFire 3.0.14.
I still haven't tested the new OA (free) v.2.1.0.85 with
-ThreatFire 3.0.14
-EQS 3.41
If you have some feedback, I will really appreciate it! :thumb:
Antarctica
February 23rd, 2008, 09:34 AM
-{ Quote: "I used this combination about two months ago.
OA (free) v.2.1.0.31 and ThreatFire 3.0.14 had conflict!
" }-
You're right, I had a conflict too and also with the new OA version 2.1.0.85. At least on my machine. :-\
Omnitech
February 23rd, 2008, 09:58 AM
-{ Quote: "You're right, I had a conflict too and also with the new OA version 2.1.0.85. At least on my machine. :-\" }-
I just tried OA free (2.1.0.85) and Sandboxie free (3.22)
with ThreatFire 3.0.14.
I run WinXP Pro SP2.
There is a conflict between ThreatFire and Sandboxie.
I got the unpleasant 'debug' window.
EASTER
February 23rd, 2008, 11:50 AM
-{ Quote: "I used this combination about two months ago.
OA (free) v.2.1.0.31 and Sandboxie 3.22 with EQS 3.41.
OA (free) v.2.1.0.31 and EQS 3.41 had a conflict!
The same happened with OA (free) v.2.1.0.31 and ThreatFire 3.0.14.
I still haven't tested the new OA (free) v.2.1.0.85 with
-ThreatFire 3.0.14
-EQS 3.41
If you have some feedback, I will really appreciate it! :thumb:" }-
For clarification the test that you conducted as outlined in BOLD above is as you stated approximately 2 months past. I am testing the most recent (free) OA release with also that same combination as we speak.
At this point I have no details or issues to bring to attention, YET. This is very early and I might add on a newly wiped & formatted drive with XP SP2.
If there is anything whatsoever remotely of some concern I will at once make my views known here, until then and as stated, I have yet to find issue with this combo. To further add to this experiment I intend to release malware attacks on this trio but without the assistance of sandboxed since that would instantly nullify any interactions expected to show up with alerts from the other two HIPS.
MikeNAS
February 23rd, 2008, 12:08 PM
I'm using the latest OA Free Beta with Sandboxie and Shadow Defender. Superb combination and protection.
aigle
February 23rd, 2008, 03:35 PM
-{ Quote: "I thought that OA has been the best free HIPS:
http://www.wilderssecurity.com/poll.php?do=showresults&pollid=436
" }-
Let me say:
Best free HIPS, easier to configure but less granular control and short of one protection module (NO File Protection): OA free
If you want more granular but complex control with all three modules (Application, Registry and File Defence): EQS
That's just my opinion. I think EQS is less popular as it has no proper English forums. Also it's more complex than OA. Not so easy to configure like OA.
-{ Quote: "
-Why do you use CFP v.3 and ThreatFire?
-Can't CFP v.3 offer enough protection by itself?" }-
CFP v 3 might be enough but TF gives an extra layer. Also it's pretty silent and in the presence of TF I feel comfortable to switch off Defence+ during installations etc and also when I allow some popups in CFP D+ that seem legit but appear unexpectedly.
-{ Quote: "
If you use sandboxing (Sandboxie, GesWall etc.),
I thought that CFP v.3 and OA are enough by themselves.
Am I missing something? :doubt:" }-
Classical HIPS are easier to be defeated than Sandboxes. A sandbox is the strongest security against any software but it covers only limited applications in the system.
EASTER
February 23rd, 2008, 04:18 PM
-{ Quote: "That's just my opinion. I think EQS is less popular as it has no proper English forums. Also it's more complex than OA. Not so easy to configure like OA." }-
Might be true, but OA (free) is noticeably over usage draining down my system plus its HIPS are not PURE hips but only a sub-set of a full HIPS in my opinion. I reluctantly have pulled it from the line up for Kerio 2.15 again with all other intact and performance is rapidly recovered again.
It's probably OK for higher end systems with less formidable protections but it definitely is not for me. But that's just my results and opinion.
Kees1958
February 24th, 2008, 05:58 AM
-{ Quote: "Let me say:
Best free HIPS, easier to configure but less granular control and short of one protection module (NO File Protection): OA free
If you want more granular but complex control with all three modules (Application, Registry and File Defence): EQS
That's just my opinion. I think EQS is less popular as it has no proper English forums. Also it's more complex than OA. Not so easy to configure like OA.
CFP v 3 might be enough but TF gives an extra layer. Also it's pretty silent and in the presence of TF I feel comfortable to switch off Defence+ during installations etc and also when I allow some popups in CFP D+ that seem legit but appear unexpectedly.
Classical HIPS are easier to be defeated than Sandboxes. A sandbox is the strongest security against any software but it covers only limited applications in the system." }-
Endorse that
1. User friendliest = OA, but OA has option to run safer (as LUA)!
2. Most granular = EQS
3. Most portable = D+ (works on XP, Vista 32 + 64 bits)
I think either a Sandbox + Behavior Blocker or Sandbox + silenced HIPS (see my EQS or D+ setup) is sufficient.
An easy to use combo is OA free + DriveSentry free. When running internet facing in OA as safer the vulnerable part of HKLM registry entries are protected. DriveSentry protects most HKCU entries in standard settings plus it has great file protection (which OA has not).
aigle
February 24th, 2008, 10:02 AM
What do you mean by D+ being portable?
EASTER
February 24th, 2008, 10:36 AM
Kees would you mind for the somewhat illiterate in regards to that particular term to help out with just a brief explanation when you mention the term "granular" in the same breath as EQS.
EQS = is more complex is easy to grasp for me, but granular escapes me at the moment.
SandboxIE + EQS + DefenseWall. What is an honest opinion of this trio?
arran
February 24th, 2008, 11:04 AM
I have noticed a number of people here saying how good EQsecure is, but what I have found on other sites about it makes me confused.
http://membres.lycos.fr/nicmtests/Unhookers/unhookers_results.htm
Omnitech
February 24th, 2008, 12:52 PM
-{ Quote: "I have noticed a number of people here saying how good EQsecure is, but what I have found on other sites about it makes me confused.
http://membres.lycos.fr/nicmtests/Unhookers/unhookers_results.htm" }-
I am also puzzled...
What about the combo OA free (latest version) and EQS?
Does it really add to protection?
OR OA free (latest version) and EQS are... mutually exclusive?
BTW, I run them without a conflict under WinXP SP2.
However, the issue remains: Do I really need both of them?
Let me share with you the following:
Whenever I tried to run inside my Sandboxie a self-extracted file,
which contains 4 infected files - virtumonte trojan,
it was Online Armor (free) and not EQS that reacted in the first place.
Any ideas and suggestions?
pitzelberger
February 24th, 2008, 01:11 PM
-{ Quote: "I have noticed a number of people here saying how good EQsecure is, but what I have found on other sites about it makes me confused.
http://membres.lycos.fr/nicmtests/Unhookers/unhookers_results.htm" }-
If you care that much about leaktest, the update (http://membres.lycos.fr/nicmtests/Unhookers/update.htm) might be important for you.
Omnitech
February 24th, 2008, 03:35 PM
-{ Quote: "If you care that much about leaktest, the update (http://membres.lycos.fr/nicmtests/Unhookers/update.htm) might be important for you." }-
Thank you!
aigle
February 24th, 2008, 03:47 PM
-{ Quote: "
Whenever I tried to run inside my Sandboxie a self-extracted file,
which contains 4 infected files - virtumonte trojan,
it was Online Armor (free) and not EQS that reacted in the first place.
Any ideas and suggestions?" }-
It doesn't matter who reacted first. BTW either one will be sufficient.
Copyright ©2002 - 2012, Wilders Security Forums